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DETAILED ACTION 



Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this OfTice action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-2, 11-13, 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No. 6,349,336), and further in view of Epstein 
et al. (U.S. Patent No. 6,584,508). 

Referring to claim 1 : 

i. Sit et al. teach: 

A secure system for transferring data, the system comprising: 

A client system (see e.g. figure 5, item 3141; and column 7, lines 17-19); 

A server (see e.g. figure 5, item 308E; and column 7, lines 19-22); 

A secure system interposed between the client system and the server for 
controlling communications between the client system and the server, the security 
system including: 

A first proxy system (see e.g. figure 5, item 306) and a second proxy 
system (see e.g. figure 5, item 312), the first proxy system coupled between the client 
system and the second proxy system (see e.g. figure 5, items 3081, 306, 312; and 
column 7, lines 15-25) and the second proxy system coupled between the server and 
the first proxy system (see e.g. figure 5, item 308E, 312, 306); 

A firewall coupled between the first proxy system and the second proxy 
system (see figure 5, items 312, 305, 306), firewall restricting data flow between the first 
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proxy system the second proxy system to outbound communications through a single 
port on the firewall (see figure 5, item 305; and column 7, lines 26-28). 

ii. Sit et al. teach the claimed subject matter: Sit et al. teach to 
establish a secure communication channel between client and server to transfer HTTP 
data. However, Sit et al. do not teach to transfer FTP data with the system. Epstein et 
al. teach a secure system wherein FTP data, as well as HTTP data and SMTP data can 
be transferred (see figure 2, item 206C; and column 4, lines 16-20 of Epstein et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Epstein et al. into the 
system of Sit et al. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Epstein et al. into the system of Sit et al, for increasing the 
security of network guard system (see column 1, lines 14-15 of Epstein et al.). 
Referring to claim 2 : 

Sit et al./Epstein et al. teach: 

The client system will send the request to the first proxy system. 
The first proxy system will fonA/ard the request to the second proxy system, via the 
single port in the firewall, and the second proxy system will establish a connection with 
the server (see e.g. figure 5. items 3081, 306, 305, 312, 308E; and column 7, lines 34-40 
of Sit et al.). 

Referring to claim 11 : 

Sit et al./Epstein et al. teach: 
A system of transferring data, comprising a plurality of clients and a plurality of 
servers to transfer data through the single port in the firewall (see figure 5, items 3101, 
3081, 3141, 3161, 310E, 308E, 314E, 316E; and column 7, lines 15-25 of Sitet al.). 
Referring to claim 12 : 

This claim has limitations which is similar to those of claim 1, thus it is rejected 
with the same rationale applied against claim 1 above. 
Referring to claim 13 : 
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This claim has limitations which is similar to those of claim 2, thus it is rejected 
with the same rationale applied against claim 2 above. 
Referring to claim 25 : 

This claim has limitations which is similar to those of claim 1 1 , thus it is rejected 
with the same rationale applied against claim 1 1 above. 

3. Claims 3-4, 14-15 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No. 6,349.336), Epstein et al. (U.S. Patent No. 
6,584,508). and further in view of Fan et al. (U.S. Patent No. 6,219,706). 

Referring to claim 3 : 

i. Sit et al./Epstein et al. teach the claimed subject matter: Sit et 
al./Epstein et al. teach to establish a secure communication channel between client and 
server to transfer FTP data. However, Sit et al./Epstein et al. are silent about 
command ( or control ) channel in FTP data transfer. 

ii. Fan et al. teach a control channel. The control channel is used to 
initiate the FTP (File Transfer Protocol) connection between the client and the server 
(see column 2, lines 12-14 of Fan et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Fan et al. into the system of Sit 
et al./Epstein et al. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Fan et al. into the system of Sit et al./Epstein et al. to protect 
sensitive resources such as engineering workgroup server or financial databases from 
unauthorized users (see column 1, lines 24-26 of Fan et al.). 

Referring to claim 4 : 

i. Sit et al./Epstein et al. teach the claimed subject matter: Sit et 
al./Epstein et al. teach to establish a secure communication channel between client and 
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server to transfer FTP data. However, Sit et al./Epstein et al. are silent about 
transferring a representation of a socket from server to the client. 

ii. Fan et al. disclose the process of setting up a FTP data connection. 
Via the control channel mentioned in claim 3, the client and server negotiate a port 
number for data channel (see column 2, lines 14-17 of Fan et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Fan et al. into the system of Sit 
et al./Epstein et al. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Fan et al. into the system of Sit et al./Epstein et al. to protect 
sensitive resources such as engineering workgroup server or financial databases from 
unauthorized users (see column 1, lines 24-26 of Fan et al.). 

Referring to claim 14 : 

This claim has limitations which is similar to those of claim 3, thus it is rejected 
with the same rationale applied against claim 3 above. 
Referrino to claim 15 : 

This claim has limitations which is similar to those of claim 4, thus it is rejected 
with the same rationale applied against claim 4 above. 

4. Claims 5-10, 16-24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No. 6,349,336), Epstein et al. (U.S. Patent No. 
6,584,508), Fan et al. (U.S. Patent No. 6,219,706), and further in view of Albert et al. 
(U.S. Patent No. 6,687,222). 

Referring to claim 5 : 

i. Sit et al./Epstein et al./Fan et al. teach the claimed subject matter: 
Sit et al./Epstein et al./Fan et al. teach to establish a secure communication channel 
between client and server to transfer FTP data. However, Sit et al./Epstein et al./Fan et 
al. do not teach modifying the IP address in the socket. 
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ii. Albert et al. teach to modify the IP address of the host in a packet 
before fonA^arding the packet on to client (see figure 3A, item 302; and column 12, lines 
29-33 of Albert et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Albert et al. into the system of 
Sit et al./Epstein et al./Fan et al. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Albert et al. into the system of Sit et al./Epstein et al./Fan et al. 
for enabling a device that is protected by a firewall to be controlled by a device external 
to the firewall (see column 1 , lines 10-12 of Sit et al.). 

Referring to claim 8 : 

This claim has limitations which is similar to those of claim 5, thus it is rejected 
with the same rationale applied against claim 5 above. 



Referring to claim 6 : 

Sit et al./Epstein et al./Fan et al./Albert et al. teach: 
The client system transmits a request through said security system for 
data located on the server (see figure 5, items 3081, 306; and column 7, lines 34-40 of 
Sit et a!.). 

Referring to claim 7 : 

Sit et al./Epstein et al./Fan et al./Albert et al. teach: 
The first proxy server fonA/ards the request to the second proxy server via 
the single port on the firewall, and on to the data server (see figure 5, items 306, 305, 
312, 308E; and column 7, lines 34-40 of Sit et al.). 
Referring to claim 9 : 

Sit et al./Epstein et al./Fan et al./Albert et al. teach: 
The server transmits data through said security system to first proxy (see 
e.g. figure 5, items 308E, 312. 305, 306; and column 7, lines 34-40 of Sit et al.). 
Referring to claim 10 : 

Sit et al./Epstein et al./Fan et al./Albert et al. teach: 
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The first proxy transmits data to the client system (see e.g. figure 5, items 
306, 3081; and column 7, lines 34-40 of Sit et al.). 
Referring to claims 16.17.18 : 

These claims have limitations which is similar to those of claim 5, thus they are 
rejected with the same rationale applied against claim 5 above. 
Referring to claim 19. 22 : 

These claims have limitations which is similar to those of claim 6, thus they are 
rejected with the same rationale applied against claim 6 above. 
Referring to claim 20 : 

This claim has limitations which is similar to those of claim 7, thus it is rejected 
with the same rationale applied against claim 7 above. 
Referring to claim 21 : 

This claim has limitations which is similar to those of claim 8, thus it is rejected 
with the same rationale applied against claim 8 above. 
Referring to claim 23 : 

This claim has limitations which is similar to those of claim 9, thus It is rejected 
with the same rationale applied against claim 9 above. 
Referring to claim 24 : 

This claim has limitations which is similar to those of claim 10, thus it is rejected 
with the same rationale applied against claim 10 above. 



Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Joseph Pan whose telephone number is 571-272-5987. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone numbers for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 571-272- 
2100. 

Joseph Pan 
May 18, 2005 
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